Results 1 to 1 of 1
  1. #1
    Dwar is offline
    Veteran Dwar's Avatar
    Join Date
    2010 Mar
    Thanked 2,224 Times in 289 Posts
    Rep Power

    NET Library for Packet Sniffing with Winpcap

    Winpcap has been the de facto library in packet capture applications, but the problem is that it is only natively available for C++ and C.
    This is an attempt to port some of the crucial Winpcap functions for the .NET environment. The demonstration project here is written in C#.
    First of all, you need to install Winpcap and then extract the project zip file. Be sure to reference dotnetwinpcap.dll in the project if not already so.

    Methods Available

    • static ArrayList FindAllDevs()
      Returns an ArrayList of Device objects, each describing an Ethernet interface on the system.
    • bool Open(string source, int snaplen, int flags, int read_timeout)
      Opens an Ethernet interface with source as the name of the interface obtained from a Device object, snaplen is the max number of bytes to be captured from each packet, flags=1 means promiscuous mode, read_timeout is the blocking time of ReadNext before it returns.
    • PCAP_NEXT_EX_STATE ReadNext( out PacketHeader p, out byte[] packet_data)
      Reads a next packet and return the packet details (size and timestamp) to object p, and packet raw data in packet_data (array of bytes).
    • void StopDump()
      Stops dumping of capture data to a file.
    • bool StartDump(string filename)
      Starts dumping of capture data to a file.
    • bool SetMinToCopy(int size)
      Sets the minimum number of bytes required to be received by the driver before OnReceivePacket fires. Lowering this can increase response time, but increases system calls which lowers program efficiency.
    • bool SetKernelBuffer(int bytes)
      Sets the number of bytes in the driver kernel buffer for packet capture. Increase this to avoid packet loss and improve performance. Default is 1 MB.
    • void StartListen()
      Starts listening for packets.
    • void StopListen()
      Stops listening for packets.
    • void Close()
      Stops all operations and releases all resources.
    • bool SendPacket(byte[] rawdata)
      Sends bytes contained in rawdata over the wire. The ethernet checksum will be automatically added prior to sending the packet. Returns true if send is successful, false otherwise.


    • bool IsListening
      true if the dotnetWinpcap object is listening, false otherwise.
    • string LastError
      Returns the last error encountered by the library, if any.

    Event Support

    delegate void ReceivePacket (object sender, PacketHeader p, byte[] s);
    event ReceivePacket OnReceivePacket;
    Once StartListen() is called, OnReceivePacket will start to fire on every packet encountered, until StopListen() is called, or Close() is called.

    Delegate objects of the above signature may be attached to the OnReceivePacket event to receive notification and perform further processing, as demonstrated in the demo source code.
    Author: Victor Tan

    Please register or login to download attachments.

    Please, post your questions on forum, not by PM or mail

    I spend my time, so please pay a little bit of your time to keep world in equilibrium

Similar Threads

  1. [C#] WinPCap Packet Sniffer Source
    By Dwar in forum VB, .NET Framework
    Replies: 2
    Last Post: 2014-08-24, 07:47 PM
  2. [Tutorial] Packets - Sniffing and Analysis
    By Dwar in forum Game Researching Tutorials
    Replies: 24
    Last Post: 2013-05-09, 02:32 AM
  3. [Tutorial] WPE Pro - (Attaching, Sniffing, Sending, Editing, Filters, Saving/Loading)
    By Shinky in forum Game Researching Tutorials
    Replies: 0
    Last Post: 2012-05-17, 02:34 PM
  4. WinPcap Autoit3 UDF
    By TEDSON in forum AutoIt
    Replies: 1
    Last Post: 2010-12-03, 02:33 AM
  5. Replies: 0
    Last Post: 2010-11-29, 04:08 PM
Visitors found this page by searching for:

c# packet sniffer tutorial

c# packet sniffer drop

c# packet drop library

winpcap c# tutorial

.net ethernet

autoit winpcap drop packet

simple tutorial winpcap library in c# packet sniffer attach application

c# drop packetwinpcap c sharphow to close a file opens in offline packet device c#promiscuous packet sniffer c#c# winpcap tutorialsend packet in game c#raw ethernet c# receive packetwinpcap library c#c# bot sniff packetpacket sniffer visual basic 2010visual basic reading packet capturec# .net raw ethernet interfacehttp:www.progamercity.netvb-code5372-c-net-library-packet-sniffing-winpcap.htmlpacket sniffer in vb.netc# packet capture sniffer packetPacket Sniffing with Winpcap c#

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts